2 min Security

AWS Systems Manager can be abused in novel way

AWS Systems Manager can be abused in novel way

Israeli security company Mitiga has found a new way to abuse AWS Systems Manager as a Remote Access Trojan (RAT).

AWS Systems Manager is normally intended to help DevOps engineers manage operating systems in EC2 instances aided by automation. However, it now appears that malicious actors with advanced access to IT systems can deploy the tool to set up attacks continually.


Once attackers can take over the Systems Manager, this has several advantages for them. First, an SSM agent is trusted by various security solutions so no alerts are triggered. In addition, there is no need to use a new RAT binary because the SSM agent is already present and acts as a RAT. Through this tool, attackers can appear legitimate while using it as a command and control center. In addition, no programming code is needed to attack the infrastructure.

The compromised endpoint is also easily manipulated with features such as “RunCommand” and “StartSession” through another AWS account.

Systems Manager is additionally popular, making its deployment for this exploitation high.

Exploitation, detection and mitigation

Mitiga explains how Systems Manager can be exploited. The attacker must have permission to execute commands on a Linux or Windows machine with an SSM Agent on it. Attackers can then install trojans or backdoors to maintain access to the endpoint. Then the possibilities are known forms of exploitation: stealing or encrypting data, installing a cryptominer or spreading it further on the network.

Mitiga has shared his findings with AWS and recommends that SSM agents not simply be left on the “allow list” of EDR solutions. This prevents this tool from effectively acting like a RAT.

Also, an attack is detectable because the instance ID moves. These can be found in /var/lib/amazon/ssm/i-*** on Linux and in C:³³. There should not be more than one directory with an isntance name other than the original instance ID. Also, there should not be more than one process named “amazon-ssm-agent.”

Also read: Security-developed tool exploits vulnerability in Microsoft Teams